PostgreSQL Source Code  git master
scram.h File Reference
#include "common/cryptohash.h"
#include "lib/stringinfo.h"
#include "libpq/libpq-be.h"
#include "libpq/sasl.h"
Include dependency graph for scram.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

char * pg_be_scram_build_secret (const char *password)
 
bool parse_scram_secret (const char *secret, int *iterations, pg_cryptohash_type *hash_type, int *key_length, char **salt, uint8 *stored_key, uint8 *server_key)
 
bool scram_verify_plain_password (const char *username, const char *password, const char *secret)
 

Variables

PGDLLIMPORT int scram_sha_256_iterations
 
PGDLLIMPORT const pg_be_sasl_mech pg_be_scram_mech
 

Function Documentation

◆ parse_scram_secret()

bool parse_scram_secret ( const char *  secret,
int *  iterations,
pg_cryptohash_type hash_type,
int *  key_length,
char **  salt,
uint8 stored_key,
uint8 server_key 
)

Definition at line 589 of file auth-scram.c.

592 {
593  char *v;
594  char *p;
595  char *scheme_str;
596  char *salt_str;
597  char *iterations_str;
598  char *storedkey_str;
599  char *serverkey_str;
600  int decoded_len;
601  char *decoded_salt_buf;
602  char *decoded_stored_buf;
603  char *decoded_server_buf;
604 
605  /*
606  * The secret is of form:
607  *
608  * SCRAM-SHA-256$<iterations>:<salt>$<storedkey>:<serverkey>
609  */
610  v = pstrdup(secret);
611  if ((scheme_str = strsep(&v, "$")) == NULL)
612  goto invalid_secret;
613  if ((iterations_str = strsep(&v, ":")) == NULL)
614  goto invalid_secret;
615  if ((salt_str = strsep(&v, "$")) == NULL)
616  goto invalid_secret;
617  if ((storedkey_str = strsep(&v, ":")) == NULL)
618  goto invalid_secret;
619  serverkey_str = v;
620 
621  /* Parse the fields */
622  if (strcmp(scheme_str, "SCRAM-SHA-256") != 0)
623  goto invalid_secret;
624  *hash_type = PG_SHA256;
625  *key_length = SCRAM_SHA_256_KEY_LEN;
626 
627  errno = 0;
628  *iterations = strtol(iterations_str, &p, 10);
629  if (*p || errno != 0)
630  goto invalid_secret;
631 
632  /*
633  * Verify that the salt is in Base64-encoded format, by decoding it,
634  * although we return the encoded version to the caller.
635  */
636  decoded_len = pg_b64_dec_len(strlen(salt_str));
637  decoded_salt_buf = palloc(decoded_len);
638  decoded_len = pg_b64_decode(salt_str, strlen(salt_str),
639  decoded_salt_buf, decoded_len);
640  if (decoded_len < 0)
641  goto invalid_secret;
642  *salt = pstrdup(salt_str);
643 
644  /*
645  * Decode StoredKey and ServerKey.
646  */
647  decoded_len = pg_b64_dec_len(strlen(storedkey_str));
648  decoded_stored_buf = palloc(decoded_len);
649  decoded_len = pg_b64_decode(storedkey_str, strlen(storedkey_str),
650  decoded_stored_buf, decoded_len);
651  if (decoded_len != *key_length)
652  goto invalid_secret;
653  memcpy(stored_key, decoded_stored_buf, *key_length);
654 
655  decoded_len = pg_b64_dec_len(strlen(serverkey_str));
656  decoded_server_buf = palloc(decoded_len);
657  decoded_len = pg_b64_decode(serverkey_str, strlen(serverkey_str),
658  decoded_server_buf, decoded_len);
659  if (decoded_len != *key_length)
660  goto invalid_secret;
661  memcpy(server_key, decoded_server_buf, *key_length);
662 
663  return true;
664 
665 invalid_secret:
666  *salt = NULL;
667  return false;
668 }
int pg_b64_decode(const char *src, int len, char *dst, int dstlen)
Definition: base64.c:116
int pg_b64_dec_len(int srclen)
Definition: base64.c:239
@ PG_SHA256
Definition: cryptohash.h:24
char * pstrdup(const char *in)
Definition: mcxt.c:1696
void * palloc(Size size)
Definition: mcxt.c:1317
char * strsep(char **stringp, const char *delim)
Definition: strsep.c:49
#define SCRAM_SHA_256_KEY_LEN
Definition: scram-common.h:24
int iterations
Definition: thread-thread.c:39

References iterations, palloc(), pg_b64_dec_len(), pg_b64_decode(), PG_SHA256, pstrdup(), SCRAM_SHA_256_KEY_LEN, and strsep().

Referenced by get_password_type(), scram_init(), and scram_verify_plain_password().

◆ pg_be_scram_build_secret()

char* pg_be_scram_build_secret ( const char *  password)

Definition at line 472 of file auth-scram.c.

473 {
474  char *prep_password;
475  pg_saslprep_rc rc;
476  char saltbuf[SCRAM_DEFAULT_SALT_LEN];
477  char *result;
478  const char *errstr = NULL;
479 
480  /*
481  * Normalize the password with SASLprep. If that doesn't work, because
482  * the password isn't valid UTF-8 or contains prohibited characters, just
483  * proceed with the original password. (See comments at top of file.)
484  */
485  rc = pg_saslprep(password, &prep_password);
486  if (rc == SASLPREP_SUCCESS)
487  password = (const char *) prep_password;
488 
489  /* Generate random salt */
491  ereport(ERROR,
492  (errcode(ERRCODE_INTERNAL_ERROR),
493  errmsg("could not generate random salt")));
494 
496  saltbuf, SCRAM_DEFAULT_SALT_LEN,
498  &errstr);
499 
500  if (prep_password)
501  pfree(prep_password);
502 
503  return result;
504 }
int scram_sha_256_iterations
Definition: auth-scram.c:192
int errcode(int sqlerrcode)
Definition: elog.c:853
int errmsg(const char *fmt,...)
Definition: elog.c:1070
#define ERROR
Definition: elog.h:39
#define ereport(elevel,...)
Definition: elog.h:149
void pfree(void *pointer)
Definition: mcxt.c:1521
bool pg_strong_random(void *buf, size_t len)
pg_saslprep_rc pg_saslprep(const char *input, char **output)
Definition: saslprep.c:1046
pg_saslprep_rc
Definition: saslprep.h:21
@ SASLPREP_SUCCESS
Definition: saslprep.h:22
char * scram_build_secret(pg_cryptohash_type hash_type, int key_length, const char *salt, int saltlen, int iterations, const char *password, const char **errstr)
Definition: scram-common.c:210
#define SCRAM_DEFAULT_SALT_LEN
Definition: scram-common.h:44
static char * password
Definition: streamutil.c:54

References ereport, errcode(), errmsg(), ERROR, password, pfree(), pg_saslprep(), PG_SHA256, pg_strong_random(), SASLPREP_SUCCESS, scram_build_secret(), SCRAM_DEFAULT_SALT_LEN, scram_sha_256_iterations, and SCRAM_SHA_256_KEY_LEN.

Referenced by encrypt_password().

◆ scram_verify_plain_password()

bool scram_verify_plain_password ( const char *  username,
const char *  password,
const char *  secret 
)

Definition at line 512 of file auth-scram.c.

514 {
515  char *encoded_salt;
516  char *salt;
517  int saltlen;
518  int iterations;
519  int key_length = 0;
520  pg_cryptohash_type hash_type;
521  uint8 salted_password[SCRAM_MAX_KEY_LEN];
522  uint8 stored_key[SCRAM_MAX_KEY_LEN];
523  uint8 server_key[SCRAM_MAX_KEY_LEN];
524  uint8 computed_key[SCRAM_MAX_KEY_LEN];
525  char *prep_password;
526  pg_saslprep_rc rc;
527  const char *errstr = NULL;
528 
529  if (!parse_scram_secret(secret, &iterations, &hash_type, &key_length,
530  &encoded_salt, stored_key, server_key))
531  {
532  /*
533  * The password looked like a SCRAM secret, but could not be parsed.
534  */
535  ereport(LOG,
536  (errmsg("invalid SCRAM secret for user \"%s\"", username)));
537  return false;
538  }
539 
540  saltlen = pg_b64_dec_len(strlen(encoded_salt));
541  salt = palloc(saltlen);
542  saltlen = pg_b64_decode(encoded_salt, strlen(encoded_salt), salt,
543  saltlen);
544  if (saltlen < 0)
545  {
546  ereport(LOG,
547  (errmsg("invalid SCRAM secret for user \"%s\"", username)));
548  return false;
549  }
550 
551  /* Normalize the password */
552  rc = pg_saslprep(password, &prep_password);
553  if (rc == SASLPREP_SUCCESS)
554  password = prep_password;
555 
556  /* Compute Server Key based on the user-supplied plaintext password */
557  if (scram_SaltedPassword(password, hash_type, key_length,
558  salt, saltlen, iterations,
559  salted_password, &errstr) < 0 ||
560  scram_ServerKey(salted_password, hash_type, key_length,
561  computed_key, &errstr) < 0)
562  {
563  elog(ERROR, "could not compute server key: %s", errstr);
564  }
565 
566  if (prep_password)
567  pfree(prep_password);
568 
569  /*
570  * Compare the secret's Server Key with the one computed from the
571  * user-supplied password.
572  */
573  return memcmp(computed_key, server_key, key_length) == 0;
574 }
bool parse_scram_secret(const char *secret, int *iterations, pg_cryptohash_type *hash_type, int *key_length, char **salt, uint8 *stored_key, uint8 *server_key)
Definition: auth-scram.c:589
unsigned char uint8
Definition: c.h:507
pg_cryptohash_type
Definition: cryptohash.h:20
#define LOG
Definition: elog.h:31
#define elog(elevel,...)
Definition: elog.h:225
static char * username
Definition: initdb.c:153
int scram_ServerKey(const uint8 *salted_password, pg_cryptohash_type hash_type, int key_length, uint8 *result, const char **errstr)
Definition: scram-common.c:172
int scram_SaltedPassword(const char *password, pg_cryptohash_type hash_type, int key_length, const char *salt, int saltlen, int iterations, uint8 *result, const char **errstr)
Definition: scram-common.c:38
#define SCRAM_MAX_KEY_LEN
Definition: scram-common.h:30

References elog, ereport, errmsg(), ERROR, iterations, LOG, palloc(), parse_scram_secret(), password, pfree(), pg_b64_dec_len(), pg_b64_decode(), pg_saslprep(), SASLPREP_SUCCESS, SCRAM_MAX_KEY_LEN, scram_SaltedPassword(), scram_ServerKey(), and username.

Referenced by plain_crypt_verify().

Variable Documentation

◆ pg_be_scram_mech

PGDLLIMPORT const pg_be_sasl_mech pg_be_scram_mech
extern

Definition at line 113 of file auth-scram.c.

Referenced by CheckPWChallengeAuth().

◆ scram_sha_256_iterations

PGDLLIMPORT int scram_sha_256_iterations
extern

Definition at line 192 of file auth-scram.c.

Referenced by pg_be_scram_build_secret().